Hi All/Wei,
Just my 2 cents on CCM mode. Take it for what it's worth.
I find it a bit awkward to move away from past usage. For example, in
the past the mode would be specified as CCM_Mode. It may add to future
confusion. But I personally like it without "_Mode".
CCM< AES, 96 >::Encryption e;
e.SetKeyWithIV( key, sizeof(key), iv );
Using a bit count (rather than a byte count) for Tag lengths may lead
to future confusion. SP800-38C specifies 4, 6, 8, 10, 12, 14, and 16.
I would expect others to plug in the byte size, rather than the bit
size. Requesting the wrong tag [bit] size will result in a message
similar to below, which might add to the confusion.
// Tag size must be 4, 6, 8, 10, 12, 14, or 16
try {
    CCM< AES, 4 >::Encryption tt;
    tt.SetKeyWithIV( key, sizeof(key), iv );
} catch( const Exception& ex ) {
    // ex.what(): "AES/CCM: DigestSize must be 4, 6, 8, 10, 12, 14, or 16"
}
Visual Studio is not letting me step into the Increment() function, so
I can't be sure what is exactly going on (but I think I have an idea).
CCM returns a hard coded value of 8 for IVSize(), which means Q must
be 7. So CCM can handle a message of 2**56. It would be nice to have a
compile time constant for the IV. Currently I'm declaring using AES's
blocksize (of which CCM will consume 8), but it may give others the
wrong impression. Again, the compile time constant would remove
ambiguity.
Finally, thanks for the mode. I don't believe I've ever had a real
need for authenticating adata (AAD), but there is always a need for
Authenticated Encryption.
CCM< AES, 96 >::Encryption e;
e.SetKeyWithIV( key, sizeof(key), iv );
StreamTransformationFilter ef( e, new StringSink( cipher ) );
ef.Put( (const byte*)plain.c_str(), plain.length() );
ef.MessageEnd();
Jeff
A compiler/Linker is not done until it can compile Crypto++...
1>Compiling...
1>Driver.cpp
1>Linking...
1>Driver.obj : fatal error LNK1000: Internal error during IncrCalcPtrs
1> Version 9.00.30729.01
1> ExceptionCode = C0000005
1> ExceptionFlags = 00000000
1> ExceptionAddress = 0045B8C0 (00400000) "C:\Program
Files\Microsoft Visual Studio 9.0\VC\bin\link.exe"
....
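
The parameter arithmetic behind the post (an 8-byte IV giving Q = 7 and a 2**56 limit, and tag lengths confused between bits and bytes), as an added example that is not part of the original message and is not Crypto++ code. It assumes the tag length is supplied in bits, as in the template argument discussed above; CcmParams, TagBitsToBytes, MakeCcmParams and IsValidCcm are hypothetical names.

```cpp
// Added example: SP 800-38C parameter arithmetic for CCM (hypothetical helpers).
#include <cstdint>
#include <cstdio>
#include <stdexcept>

struct CcmParams {
    unsigned nonceBytes;   // n: nonce (IV) length in bytes
    unsigned lengthBytes;  // q: width of the message-length field, q = 15 - n
    unsigned tagBytes;     // t: tag (MAC) length in bytes
    unsigned maxMsgLog2;   // payload must be shorter than 2^maxMsgLog2 bytes
    std::uint8_t flags;    // first octet of block B0
};

// Convert a tag length given in bits to bytes, rejecting anything that is not
// one of the SP 800-38C sizes 4, 6, 8, 10, 12, 14 or 16 bytes.
unsigned TagBitsToBytes(unsigned bits) {
    if (bits % 8 != 0)
        throw std::invalid_argument("tag length is not a whole number of bytes");
    const unsigned t = bits / 8;
    if (t < 4 || t > 16 || t % 2 != 0)
        throw std::invalid_argument("tag must be 4, 6, 8, 10, 12, 14 or 16 bytes");
    return t;
}

CcmParams MakeCcmParams(unsigned nonceBytes, unsigned tagBits, bool hasAad) {
    if (nonceBytes < 7 || nonceBytes > 13)
        throw std::invalid_argument("nonce must be 7..13 bytes");
    CcmParams p;
    p.nonceBytes = nonceBytes;
    p.lengthBytes = 15 - nonceBytes;          // n + q = 15
    p.tagBytes = TagBitsToBytes(tagBits);
    p.maxMsgLog2 = 8 * p.lengthBytes;
    // Flags octet: bit 6 = Adata, bits 5..3 = (t - 2) / 2, bits 2..0 = q - 1.
    p.flags = static_cast<std::uint8_t>((hasAad ? 0x40u : 0u) |
                                        (((p.tagBytes - 2) / 2) << 3) |
                                        (p.lengthBytes - 1));
    return p;
}

// True when the pair is acceptable; a byte count passed as bits is rejected.
bool IsValidCcm(unsigned nonceBytes, unsigned tagBits) {
    try { MakeCcmParams(nonceBytes, tagBits, false); return true; }
    catch (const std::invalid_argument&) { return false; }
}

int main() {
    const CcmParams p = MakeCcmParams(8, 96, false);  // the values from the post
    std::printf("q=%u t=%u max=2^%u flags=0x%02X\n", p.lengthBytes, p.tagBytes, p.maxMsgLog2, p.flags);
}
```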